(1) Hardening the O/S and
application code
MIcrosoft peridically ditributes large updates to
its OS in the form of service packs. Service Packs include all the major and
minor fixes up. microsoft also distributes intermediate updates to their
operating systems in the form of Hotfix.
its OS in the form of service packs. Service Packs include all the major and
minor fixes up. microsoft also distributes intermediate updates to their
operating systems in the form of Hotfix.
The following steps descrive the automated
process of deisoverting and installing service packs and hotfixes to a window
2000 system
process of deisoverting and installing service packs and hotfixes to a window
2000 system
·
Open IE (internet Explorer)
Open IE (internet Explorer)
·
Go to tools – windwos update
Go to tools – windwos update
·
when askesd if you trust
microsoft, say YEs.
when askesd if you trust
microsoft, say YEs.
(2) Hardening the file
system security
In this case , we have to make sure that the hard
drive partitions are formatted with NTFS. This file system is more secure than
FAT of FAT32 schemes
drive partitions are formatted with NTFS. This file system is more secure than
FAT of FAT32 schemes
Step1: check your hard drive
partitions
·
Log in as Administrator
Log in as Administrator
·
Double click on My computer
Double click on My computer
·
Right CLick on each Hard
Drive and Chosse properties
Right CLick on each Hard
Drive and Chosse properties
·
Generat tab will identify
the File system type.
Generat tab will identify
the File system type.
Step2: Converting FAT or
FAT32 partitions to NTFS
·
Go ro start- RUN
Go ro start- RUN
·
Type cmd and click OK
Type cmd and click OK
·
At command prompt issue the
following command convert drive
At command prompt issue the
following command convert drive
·
Hit return to run the
command
Hit return to run the
command
·
Reboot the system.
Reboot the system.
(3) Hardening the local
security policies
While many system attacks take advantage of
software inadequacy, many also make use of user accounts. To prevent such sort
of vulnerability, “policies” or rules defien what sort or
account/password ” behavior” is appropriate, what type of auditing is
required.
software inadequacy, many also make use of user accounts. To prevent such sort
of vulnerability, “policies” or rules defien what sort or
account/password ” behavior” is appropriate, what type of auditing is
required.
Account policy answers the following.
·
How often do I need to
change my password?
How often do I need to
change my password?
·
How long or how complex does
my password need to be?
How long or how complex does
my password need to be?
Auditing policies determine what kind of security
transactions are recorded in the security Event Long.
transactions are recorded in the security Event Long.
